Beyond Backup: Why Choose The Cloud?

Cloud computing has gone from a niche part of IT into the norm for most companies over the past couple of years. It’s become common

knowledge that for backing up information without having to spend money on costly hardware, the cloud is the way to go. However, back-ups are not the only benefits of moving your network to the cloud. Accessibility, portability, and scalability are all benefits as well that can save your business time and money and help you raise the bar for your business….into the cloud.

Let’s start with the integration. In the past, setting up a new server, linking it, installing software, and everything that went with it took days. This meant downtime, manpower being shifted from their usual jobs to helping install and implement the network. With the cloud those days become hours, if not minutes. The cloud offers seamless integration and back up. This means that integration is merely a matter of proper synching and uploading

which can be done easily by an experienced team such as Delval Technology Solutions, while your team works on the things that they need to for your enterprise. What’s more, your software will be integrated as you need it to be, no more having to start from scratch and customize it to your needs. It goes to the cloud just how it exists on your current terminals.

The cloud also makes it easier for your business to grow. Cloud servers have the capabilities for near unlimited storage. If your enterprise takes on more clients, backs up more files, or adds additional projects or employees, the room is easily made without adding extra hardware. What used to take new

computers, hours of setup, and multiple consultations now occurs in just a few clicks, at a fraction of the cost. If you add new users remotely, or in house,

as long as they have internet service and proper credentials, they can access your network quickly and efficiently. For your workers who are collaborating, it can be an issue sending larger files to one another without having to take extra compression steps, which can degrade images and video. However, with the cloud, sending these files is as easy as dropping something into a shared file.

The cloud also offers enhanced security. Now, this may seem counter intuitive. You would think that a process that makes your network more accessible

to your employees would also make it more accessible to hackers. However, this is not the case. A top-class cloud provider, like the folks at Delval

Technology Solutions, will employ someone whose entire job is to make sure that the cloud is secure. They are tasked with monitoring the goings on in the cloud in real time and are security experts. This is not to say that your in-house IT personnel doesn’t know their stuff, but they have a variety of things to focus on. Another thing that adds to the security of the cloud is the encryption associated. For your data to reach the cloud it must first be encrypted. This encryption only deciphers itself when properly accessed. What does this mean for your business? You don’t have to worry about your data floating around cyber-space, as even if it does get out, it will be illegible to anyone trying to read it.

The cloud is also more affordable in the long run. With cloud services you get access to things like subscription versions of the latest software which are easily scalable and available for a fraction of the cost. In fact, adding anything from software, to terminals, to necessary storage is more cost effective in the cloud. This is because you are leveraging cost. The cloud is basically a massive, shared server. Therefore, you are basically getting a wholesale price on data, storage, and software. Why the cloud? Well, it seems the question in this case would be why not? Whether you are looking to scale up, migrate your employees, back up your data, or save money, the cloud is a perfect solution to your data needs. When you partner with a top notch cloud service provider like Delval Technology Solutions, the cloud isn’t merely a thing you look at in the sky, it’s the technology that makes the sky the limit for your business.


Ransomware Concerns Aren't just Ransom

At this point, everybody has probably heard enough about cyber attacks to get the gist. Hackers come in through a nefarious means. This could range from phishing, to finding a zero day exploit in a server, to just peering over an employees shoulder. From there, they use the way in to steal your data. This includes login credentials, customer information, credit card information and just about anything else that's out there. In the case of ransomware, the most prevalent attack, these hackers hold your data hostage, crippling your organization until you pay up. That sounds bad doesn't it? Well, that's not the only price you pay when you get hacked. Today, let's look at what else costs you when you get attacked.

How much does trust cost your business? When customer or employee information leaks to the dark web,  it serves to erode the trust you have built.

This could mean a number of things. It could mean your customers and clients suffering from identity theft, bank account breaches, or having at the bare

minimum to argue with their bank or change all of their login credentials.  These minor nuisances and major challenges come back to reflect on your company's security. Many businesses have suffered greatly from lack of consumer confidence. On the employee end, it can mean reimbursement, time lost, and worse yet, a higher turnover rate. If an employee cannot trust and employer with their livelihood and reputation, then they lose much of the incentive to stay with that job. Those factors can also keep other qualified applicants from wanting to join the ranks of your business.

A breach is also cause for investigation. For some that could be just a minor nuisance as they may have a great MSP like Delval Technology Solutions to make sure they are compliant and operating within the regulations that have been set out. If a company isn't up on their compliance, then it can be a far bigger issue. That's when they need to worry about fees and fines levied, costing thousands of not millions of dollars. It can also lead to an organization being shut down completely, depending on the violation.

How much does it cost you, per day for your network to be shut down? This question is a pressing one for many business owners. The cost of downtime is something that can bleed a business dry if it goes on to long. In fact many studies indicate that a business can only sustain three days of downtime without losing catastrophic amounts of money. After that 70% of businesses have to shut their doors completely. You still have to pay your team, even if they are knocked offline by an attack. Your bills, invoices, and internal communications will grind to a halt. You won't be able to get the money from your clients in order to pay your bills and your staff. Your team won't be able to continue and complete their tasks as they will not be able to communicate or collaborate over your network. Your customers who are trying to reach you will be left in the dark. This ripple effect is why making sure you have systems in place to minimize downtime are crucial elements to your business.

This may seem daunting, after all these hackers are working full time to attack enterprises such as yours, and you are working full time on numerous other things involved in running your business. This is where an MSP like Delval Technology Solutions comes in. An MSP gives you access to the resources you need in the fight against hackers. You will have experts on call, helping you plan and manage your network proactively. Your company will have access to top class software and hardware, handling things such as multi factor authentication and real time network monitoring to keep intruders out and your business experiencing uptime, not downtime. Your team, well they will receive monthly training to help transform them from average

employees into Frontline firewalls, helping you keep hackers and cyber-attackers at bay. All of this comes at a fraction of the cost of hiring

just one full time IT technician, and is tailored by experience so you get what you need, when you need it.


How an MSP Can Help You Grow

Tom owns a small financial firm. Over the last few years, Tom and is firm have been making money for their clients. So much in fact, that their

clients are bringing in new clients. He made those clients money, and word ontinued to spread. He had a realization that he was faced with a choice. Did

he stop taking on new clients or accept that he had to take his small firm to he next level. Tom, like many, chose the latter. However, he had a lot of

concerns. One of which was if his current technology was equipped for the job.

Tom isn't a tech expert and as handling things on his own for the most part, which was fine when he only ad a 3 man team. As they get ready to expand, he realized that wouldn't be sufficient any longer. He knew he needed a partner who could handle those things for him, so he could focus on his client and his business, so he called on an MSP. Growing isn't easy, and a great MSP like Delval Technology Solutions can alleviate some of those growing pains.

Time management is important to any business owner. An MSP can save you valuable time during the growth process. It allows you to have a team of experts behind you, taking the guesswork out of what hardware and software would be the best fit to grow you business. They can also help you add users quickly and not only advise you on the proper tech steps to take, but also implement needed changes in an efficient manner. With an MSP, you have a team with up to date knowledge and resources at their disposal, which brings us to the next point.

Tom is a financial expert. He always had an affinity for numbers and trends, and took great joy in helping his clients reach their financial goals. While technically proficient, he is not by any means an expert and he's smart enough to know that. He is concerned with keeping his network secure and his company within the bounds of regulation. By partnering with an MSP, he got his expert guidance. They handle his network, making sure his team's questions are handled in a timely matter, hat his servers are optimized, and that his team can work from anywhere at any time. Tom's peice of mind comes from knowing that his network isn't just managed it's secure. A great MSP, such as Delval Technology Solutions treats cyber security for what it is, a living breathing thing that needs to outpace the criminals. Tom has his network monitored, and the Dark Web combed for data on a monthly basis. They also train his staff on cyber security, making sure everyone on his growing team was prepared to aid in the fight against cyber crime.

An MSP will also handle compliance. Each industry is subject to a series of laws in regards to their network practices. Not only do these laws vary by state in many instances they are constantly amended on top of new ones being added. It can be confusing to stay up to date on these laws

and the penalty for not adhering to the guidelines can cost your company thousands if not millions of dollars.  With an MSP you have a team who is on top of the compliance issues and makes sure someone like Tom is within regulation.

 

This brings us to the final point, and it’s a matter of cost. Adding

IT personnel into your staff is a costly endeavor. Each member of the team will

cost you between $80,000-100,000 a year. Depending on your company needs, one

IT staff member most likely isn’t enough. What if you needed to add an IT executive?

A qualified CIO will run you almost $200,000 a year and requires you to relinquish

some control to them. Tom needed to add more advisors, more accountants, a new

secretary and that was just the beginning. He knew an MSP would give him the

expertise and backup he needed without having to drop hundreds of thousands of

dollars on a full scale IT team. In fact, his yearly contract with an MSP is

under the cost of a single IT person for his team.

 

The choice for Tom was an easy one. He signed a contract with an

MSP that would be able to fufiill his needs. He did his due diligence, as not

all MSP’s are created equal. Tom found one that treated him like a partner,

ready to work with him to grow his enterprise, instead of as a client. He found

Delval Technology Solutions, and he was glad he did. Now, he was ready to do

what he did best, making money for his clients, without having to worry about

his IT. Be like Tom, contact the DTS team today!

 


The Government Response to CyberCrime

Cybercrime is on the rise in the United States. With increases of hundreds of precents and an estimated $590 million dollars paid out in attacks in the first half of the year alone, the threat is growing exponentially, and effecting American businesses. After a massive attack on the Colonial Pipeline which caused a brief gas shortage and other attacks on infrastructure by foreign actors, many wondered when our government would act. Currently there is legislation on the table which we will explore in this article.

 

The first of these bills has to do with compliance, specifically how long a company has to report a critical infrastructure attack. While CISA (Cybersecurity and Infrastructure Security Agency) has asked for flexibility, definite timelines being propose. There are three bills that have been introduced with this at the helm. In the Senate the two competing bills have a 24 and a 72 hour limit on reporting respectively. Critics have claimed that the 24 hour bill doesn't give organizations sufficient response time and takes away needed manpower. In the House, the bill calls for a 72 hour minimum and creates a Cyber Incident Review Board where critical infrastructure organizations must report to.

 

These are all being proposed to be added to the final draft of the Defense Authorization Bill. Also included in the House version of the bill is a change to the CISA directors assignment. It would make them a non-political 5 year appointee, similar to other intelligence agencies. The bill earmarks $500 million in cyber-security grants at the state and local levels. Further, it includes authorization for incentives for the cyber-security industry to find and report vulnerabilities as well as will implement a cloud based system of information sharing related to cybercrime for government officials.

 

The Senate has additional earmarks including $21 million dollars in discretionary spending to the CISA head. It allows for the Department of Homeland Security to step in and provide funds and aid in the case of a significant, devastating attack. The Senate has also set the state and local grant to a billion dollars in their version.

 

These changes can affect businesses that fall under the broad designation of infrastructure. Currently there are over one hundred compliance laws that have been passed in the last year alone between the local and the federal level, on top of the existing compliance laws on the books. While these laws vary by industry, one thing is the same across the board, the fines that come with violating these laws, while varying in amount are constant. Adding a federal mandate would also add a criminal element to not reporting these violations properly.

All this regulation may seem like a lot. However there is a bright spot. Reporting of cyber attacks is up over 60% from 2020. This allows for these attacks and those who carry them out are studied and documented. This allows for companies to strengthen software, create updates that patch vulnerable holes in the network, and cyber security experts such as Delval Technology Solutions to be even better adapt at preventing these attacks.

The fact is, if you are reading this, chances are you aren't a compliance expert. You are an expert in your field, running your business with all of the peaks and valleys that come with it.  The best thing you can do, no matter what the outcome of these defense bills, is to partner up with experts.

Having an MSP, like your friends at Delval Technology Solutions, by your side gives you access to experts. These experts follow the trends, in security and compliance,  to make sure you stay on the right side of regulation. On top of that you get someone monitoring your network, protecting your endpoints, and helping you make sure that your network and your business are protected. You will have a plan that allows you to be prepared if you ever are attacked while working with a partner working hard to ensure you never are. They even train your staff to ensure that everyone in your organization knows what to be on the lookout for.


Facebook Outage, DNS Servers and Your Business

Last week, a curious thing happened. About twenty four hours after a whistleblower spoke about the algorithms Facebook and it’s associated

properties used and a member of the team rebutted these claims, an outage occurred. Facebook, WhatsApp, Oculous and Instagram all went down for nearly and entire day, and speculation ran rampant as to the cause. We have witnessed massive ransomware hacks, on police departments, sports teams, and infrastructure this year. One had to wonder, was Facebook, a company worth the GDP of many countries that possesses Pentagon level cyber security, compromised to a level in which it couldn’t operate? According to internal sources at Facebook, that wasn’t the case. In fact, it was an issue that happens more frequently then cyber attacks, a DNS server error.

DNS stands for Domain Name Systems. DNS handles many things. The main one is that it allows for computers to translate words in domain names

into numerical data that allows for computers to connect to one another, the internet, and their network. This data is what is referred to as an IP address.

The server translates the requests and sends the user to the appropriate server in the network or on the internet. DNS was created to make the internet easier to use for everyday people. Instead of having to type a set of seemingly random numbers into a toolbar to navigate to a web page or to an internal server, DNS was created to allow the usage of words to get people to their virtual destination. Originally, these arraignments were made by hand, but as the demand and connectivity to the internet grew, it was obvious that was not a system that would work for everyday people. 

DNS serves as a way to handle the growing navigational needs of our digital world. The DNS directory is a worldwide directory, stored in it’s

own special servers called dns servers. These servers are interconnected to one another and connected to the internet at large, synchronizing directory

information and making it available to servers around the world.

Internal DNS servers can fail, and when they do, it can shut down enterprises. Last Mondays outage not only blocked access to Facebook and

it’s associated platforms for millions of users, but internally at Facebook it shut down communications. For those who were not logged into their work

stations, they were locked out until the issue was fixed. For others who were logged in before the crash, they were unable to communicate with one another. This compounded the problems faced by Facebook consumers, as the very people who were supposed to be working to get the network back online were unable to communicate via their terminals. In fact, it also locked many at their main campus out of the facilities entirely as the security doors reading the key cards couldn’t communicate with the main server. If Facebook was a house, it was on fire, 911 couldn’t answer the call and the water lines were down.

The culprit for this appears to have been an update to their network that wiped out all of the DNS information that Facebook and it’s properties used for the internet to find Facebook, and it’s consumers suffered as a result. They weren’t the only ones, in six hours Facebook lost 60 million dollars or 222,000 dollars a minute. Facebook may have been able to withstand these outages, but for many companies an outage can spell impending doom. If you are a business owner, you know that downtime is the enemy. How do you prevent an outage? Well, truth of the matter is they are avoidable, not preventable. Making sure you have a DNS network that can handle the volume you need it to is a key component. Load balancing can help split the traffic between servers as to not overwhelm them. There are more procedures, however, if you aren’t a tech minded individual, these are things that may be hard to implement and may not make much sense.

This is where having a strong MSP to run your network comes in. Partnering with an MSP such as the folks at Delval Technology Solutions can

help you alleviate your concerns and ensure that your DNS servers don’t fail. An MSP offers expert level network management and guidance, at a fraction of the cost of hiring an in house team. For more information, feel free to contact us while you are here, or set an appointment and see all of the things an MSP can do for you.


Phishing Attack: Red Flags To Avoid

Human beings are trusting. This is actually a proven scientific fact, we are wired to trust when oftentimes we shouldn't.  This is a partial explanation for people getting conned throughout history. The conmen of the past have been replaced however, by a new breed, hackers and cyber-scammers. Are you being scammed? Here's some red flags to look out for.

 

Have you gotten a notification that you won some contest you never entered or have been approved for a loan you never applied for? Don't proceed! These are red flags of phishing attempts. At first glance they may seem like they are coming from reputable companies such as PayPal or Facebook but they are from scammers looking to take your money or information. You must give consent to enter a contest, be it filling out information or buying an associated item like a ticket. No bank, anywhere, is just approving people for loans that didn't apply for one.

 

Sometimes these things are less obvious. You get an email from a higher up in your organization, with an urgent message. They need your help with money, but it must be in the form of a gift card. You are going to be logged out permanently, so you must click this link and enter your information. If it doesn't make sense, double check everything. Look at the sender information. Did they send it during business hours? Look at the email it was sent from, does it perfectly match up? Even then if it's an out of the ordinary request, your best bet is double check with them directly. Even if the email looks correct, the person may have had their account accessed directly from a hacker. Read it carefully for spelling and grammatical errors that may be minor but reoccurring. Usually, the people sending these are either using bots or come from a country that English is not the first language.

 

This occurs on social media also. You get a friend request from a friend on your friends or connection list. It seems odd since you are already connected to them. The best thing to do in that case is message the person directly. Ask them directly, "hey did you open a second account? I wanted to double check before I added you." Social media is also where we oftentimes keep clues as to our passwords for various accounts. In fact, one of the biggest ways that hackers are able to get this information is posts that make users indicate their birthdays, pets names, or other personal information that can serve as partial passwords for potential brute force attacks on accounts.

 

We all carry around smart phones that are usually connected to everything from our social media accounts to our bank accounts. These phishing attempts often come in the form of a text message. You can usually spot them using similar methods to phishing emails. They come from an unfamiliar number. Look for the same spelling and grammar errors you would, as well as links and urgent calls to action. Remember, because our phones link to just about everything we have, an sms attack could leave you more vulnerable than an email attack.

 

Now that you know the red flags to look for, you may be wondering why do they matter? Phishing attacks are usually the precursor to ransomware, a plague that has been hitting corporations around the country with no end in sight. Once these phishing attacks are carried out, these hackers have access to not only your data and credentials, but your network. From there your data, credentials, and even access to your account is sold for pennies on the dark web to other hackers to carry out financial cybercrimes on your business.

 

There are many ways to protect your business from these attacks and their attackers. The best way to do this is by partnering with a top-class MSP such as Delval Technology Solutions. By partnering with an MSP you get security features such as endpoint security, monitoring, and offer proactive management to keep you one step ahead of hackers. The best part, they train your staff on cyber security protocols and social engineering to make sure your whole team knows what to look for to keep your network safe.


A Cyber-Security Glossary

Cyber-security is a big issue for many companies. The feeling that you may not be protected can be a scary one, and it’s something that many enterprises grapple with. They want to stay safe, informed, and ahead of the curve. However, the more one looks into these things, the harder they

can be to understand. This is why we are going to take some time today to go over some of the terminology and buzzwords that one might encounter, what they mean, and why they are important to your journey into a secure network.

Zero Trust- Zero Trust is a way to operate a network, with the assumption that no trust can be given. This is not to say not to trust your employees, but that when it comes to who gets into your network, do not trust that the person is who they say they are without proof. This goes beyond passwords, but encapsulates things such as multi-factor authentication (see next section) and other verification methods to ensure that the person trying to get in is in fact the person that should be there.

Multi-Factor Authentication (MFA)- MFA is a system in which a secondary or tertiary method is required before someone can access the network. This verification can be in the form of entering a code from an email or text, using a push method, or answering a verification phone call in order

to access after putting in ones password.

Endpoint- An endpoint is a remote device that is connected to your network. These range from smart phones, to laptops to tablets. It also

includes your servers and even the smart refrigerator you bought for the break room. These endpoints all access your network, which is why endpoint security is important.

Social Engineering- Social engineering is a form of treachery in which a person is convinced to act against their best interests. This includes phishing emails, usb ports full of viruses left around, and many other means. The key is the human element involved. This is why social engineering attacks are the most dangerous, the criminals use your team against you.

Ransomware- Ransomware is a malicious attack that takes your network and data hostage. The goal is to get the person or enterprise to pay a

ransom, usually Bitcoin, to the attackers in order to get their data back. This past year, major ransomware attacks were carried out against infrastructure and business, with no signs of slowing down.

Malware- Malicious software. The intent of malware is to steal data, be it financial information, login credentials, and other information that can either be sold or used to access your network. These attacks come in many forms. They include spyware, viruses, Trojans, spyware and ransomware.

Patch- A patch is an update put out by a software company to close holes in the software that may allow for intrusions.

Dark Web- The dark web is the third area of the internet, which requires a hidden browser and a VPN to access. The dark web serves as a marketplace for hackers to sell data, plan and carry out attacks, as well as being the home of many illicit businesses. Oftentimes bank account details,

credit card information and login credentials are sold for pennies on the dollar.

Breach- A breach is when a network has been compromised. Usually this is in reference to when secure sections of a network are accessed

and data has been leaked to the dark web.

Compliance- Compliance refers to the laws and procedures that must be followed to stay within the confines of the law. An example of

this would be the HIPAA act, where medical practitioners are required to follow certain protocols in order to keep people’s medical information confidential. Not maintaining proper compliance can lead to steep fines and lost of consumer trust.

Risk Management- A form of proactive management in which an expert, such as Delval Technology Solutions analyzes your current technology.

This allows them to spot any risks that may be currently occurring, as well as to help identify future risks so that they can be avoided.

Phishing- A phishing attack is when a person or group of people are breached via misleading communications. This can come in the form of an

email, usually with an extreme sense of urgency that appears to be from a trusted source, a similar text message or a phone call. These texts and emails

usually have an attachment or a forum that appears to be from a trusted individual but in fact is from a malicious actor. The calls are usually telling you that there is an extreme emergency and you need to give your information immediately.

Firewall- A network security system that controls who enters and exits the network based on preset conditions.

When you speak to a managed service provider or network service provider, keep these phrases in mind. For your cyber-security needs, having an MSP that covers all of these bases is crucial. Cyber-security is a living breathing thing, the old ways of spam blockers and firewalls don’t hold water anymore. You need comprehensive security to keep your business safe.


Southeast Pennsylvania Flooding and Disaster Recovery

This past week, the Southeastern Pennsylvania region was hit with an unprecedented storm system. Hit with flooding that rivals Hurricane Sandy, and seven tornadoes touching down in Bucks and Montgomery Counties, the losses experienced were catastrophic for many. Families lost their homes or had their belongings flooded out. Businesses lost offices, assets, and many lost valuable time as their networks were shut down.Hence why disaster recovery protocols are so important.

It has been stated in the past that a company can survive three days of downtime before beginning to approach it’s demise. In fact, 70% of businesses who go under for more than three days, go under for good. A proper game plan and proper implementation can minimize downtime and help your

business survive the wrath of a natural disaster. The best way to do this is by teaming with a Managed Service Provider such as Delval Technology Solutions to help you protect your business and act in your best interest.

The first thing to do is seemingly the most obvious, being proactive and making a plan. Take stock of all of your inventory, be it virtual or physical. This isn’t limited to things you are selling or shipping. How many work stations do you have? How many phone lines do you operate? Are there ways

to better secure your facility? What disasters are you attempting to get ahead of or protect against? Where is your data going? Is there a secondary site you can move to? These are all important questions to ask yourself so you know the destination.

Proper data backup is an important part of a good recovery plan. However, just backing up your data is only one step. It has to be accessible to your team and yourself no matter the situation or location. It is imperative to test your network. This will ensure that everything is being backed up properly and is legible when you need it to be. Also, it is important to make sure that this data is accessible from anywhere, if your office is underwater and you have to work from home, you still have it. With an MSP such as Delval Technology Solutions, we handle bringing your data safely and securely to the cloud.

From there, it is able to be accessed remotely by your team. This isn’t merely limited to your data either, your software from the 365 suite even down to your phone systems can be accessible from the cloud.

It isn’t only a matter of your virtual data. The human and hardware factors are important as well. There is a story that gets told around the office here at Delval Technology Solutions. There was a major storm a few years back that knocked out power to a client that ran a logistics company. They were tasked with guiding and tracking trucks that were still on the road, and downtime was not something they could afford to have. They had a full backup

plan, employees on site, but were not prepared for an outage of this magnitiude. The DTS team worked all day and night to bring out generators to them and rewire the premises to get them back up and running so all their data and network capabilities were accessible to keep the trucks running. Working hand in hand with the company’s team, DTS was able to ensure that the disaster, while inconvenient was not a catastrophe.

Keeping communications up is also a key factor for companies. Clients and vendors call you daily. Your team needs to be able to continue their day to day operations, be it simple communications, collaborating on projects, or sending invoices. This all requires a network that can stay up and running regardless of where you are. The best way to achieve this is the cloud. A proper cloud service provider such as Delval Technology Solutions, is

proactive in their cloud approach, preparing you for any catastrophe before it hits.

All of this may not prevent a disaster. However, it will allow your business to bounce back instead of crash and burn. Make your plan. Get your Disaster team picked, making sure you have all the experts you need. If you don’t have them on hand, contact an MSP such as Delval Technology Solutions. Back your data up and test it, as well as test your cloud technology. Take an inventory of what you have, and finally make sure you don’t lose communication. This will help you ensure that your business isn’t a statistic in anything other than successful disaster recovery.


What to Know About the T-Mobile Hack

Hackers are back in the news this week. This time, cellular carrier T-Mobile, which is used by 104 million people on a daily basis, was hit with a massive breach. This breach exposed the data of almost 50 million T-mobile users. This attack was not limited to current users, with former and prospective user data being compromised as well. Reported on August 15th, this breach was one of the largest attacks on a cellular carrier in recent memory. T-Mobile, the second largest cellular carrier in the country, apparently was lax when it came to

securing their network.

A 21 year old named John Binns, an American citizen living in Turkey, claimed responsibility for the attack and was able to provide proof to the Wall Street Journal and top cyber security professionals. Binns was able to access the network via an unsecured router at a T-mobile facility in Washington. This allowed for him to navigate through over one hundred T-mobile servers to find the information that he was looking for. Like many hackers, Binns was looking for any way he could to gain access into the network. While it took a bit of time, within a week Binns had access to millions of pieces of valuable customer data.

This data consisted of full names, birthdates, credit card numbers, social security numbers, drivers license numbers and bank account information. "I was panicking because I had

access to something big. Their security is awful," Binns recounted to the Wall Street Journal. "Generating noise was one goal." Unlike many hackers who wish to hide behind anonymity, Brinns was more brazen, speaking to reports from both Motherboard and Bleeping Computer, two of the countries top tech publications. He explained that he had routed around the servers and found the treasure trove, an Oracle database server full of customer information. He even shared screenshots showing his connection to the server to prove he was the man behind the attack.

T-Mobile eventually recognized they were breached and forced Binns out of the server. This isn’t before he made copies of what he claims is 106 GB of customer data. In fact, he did drop a trove of data onto the dark web, which is where most stolen data ends up, which he sold for six Bitcoin, which as of this writing has a value of three hundred thousand dollars. Binns reasoning for the attack is as follows. He claims that he was accused of being part of a botnet gang by the FBI and the CIA. From there he further alleges that the agencies removed him from Turkey and brought him to Germany where he was tortured for days. In fact, he went as far as to file suit against the agencies that alleges he was subject to illegal break-ins and wire-tapping by the agencies and accused of being a member of ISIS, which he fervently denies. In a message relating to the attack shared via Twitter Binns said "The breach was done to retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019. We did it to harm US infrastructure.” While he has neither confirmed or denied being tied to a hacking group, he did acknowledge that he needed help getting into the servers.

Unit221B LLC, a cyber-security company, made T-mobile aware of the attacks after finding the data on the dark web. T-Mobile officials have stated that they are currently cooperating with law enforcement in an ongoing investigation. Due to this attack T-Mobile has partnered with cyber-security agency Mandiant to conduct a full scale investigation of the attack. They have also claimed to have notified most if not all current and past customers as well as prospectives that were affected by the hack. The carrier has stepped

up security features offered to their customers, including two free years of identity theft protection, a scam sweeper app, and are now offering what they refer to as “Account Takeover Protection”. They have urged all their customers to reset their passwords on all platforms.

While this is the biggest attack to be carried out on T-Mobile it isn’t the first. In fact the company has been breached four times since 2018, the largest previously being a breach of 200,000 users data. Another attack saw the logins of company employees being released to the dark web. Attacks such as these have seen nearly a 500% increase since 2019. The methods of these hackers are becoming more evolved and more invasive by the day. This is why proper cyber-security for your enterprise is invaluable. While there are many steps that you can take on your own, such as proper password maintenance and running firewalls and anti-malware software, it is no longer enough to stop there. Partnering with a security minded MSP, such as Delval Technology Solutions, can make the difference between having a minor hiccup or losing thousands if not millions of dollars in data, as well as the trust of your employees and clients. For more information, a system assessment, and a free dark web report, where the dark web is scoured to see if any of your data has been compromised, reach out to Delval Technology Solutions today.


The Bottom Line on MSP's

With the end of fiscal year 2021 rapidly approaching, now is the time that many companies are setting next years budget, evaluating current positions in the market, and looking for ways to decrease headaches and increase their bottom line. Some companies are looking to hire new, talented employees, from salespeople to truck drivers and warehouse workers. Others are looking to find areas in which they can maximize existing assets to drive revenue and growth for their enterprise, and some are trying to right the ship to avoid a seemingly inevitable crash.

One of the focus points for many companies is their IT division if they have one or filling a gap in their network management in the most effective way possible. This is where a managed service provider comes in. A managed service provider gives you all of the expertise of an in-house IT department at a fraction of the cost. In the United States, the

average cost of employing an IT professional can range anywhere from $60,000 a year to over $100,000 a year depending on the level of experience and expertise of the employee. IT being the multi-faceted department that it is, if you were to try to fill all these necessary roles, such as help desk, security, network professionals, and CIO’s, you are looking at spending anywhere from hundreds of thousands to millions of dollars a year depending on the size of your enterprise. An MSP, such as DelVal Technology Solutions, gives you

unfettered access to these professionals on a contractual basis, often for less than it costs to employ a single IT person per year. For this lower cost, you have access to an entire team that can be on hand when needed, monitoring and securing your network, watching out for your blind spots, and advising you on important technological decisions.

Take a look around your office space, if you haven’t done proper technological house keeping in a while, there is a good chance you have a lot of unneeded hardware. When you bring on an MSP, one of the first things they will give you is a tech assessment and roadmap. Chances are you don’t need a lot of the extra hardware you are running or planning to buy. A proper MSP like DTS will help you take your business to the cloud. This move will free up a lot of space as well as help you cut down on your energy costs by eliminating

redundant hardware.

This also works with software too. Many MSP’s are partnered with top SaaS (software as a service) providers, allowing you to pay monthly for things like Microsoft Exchange, 365, and your Adobe suites. By subscribing to these licenses, it allows for easier, more affordable scalability and the ability to add users without an extra associated cost. Another benefit of an MSP is the amount of downtime you can eliminate on a consistent basis. Downtime can plague businesses, in fact, it has been said that 72 hours of downtime can lead to a destruction of a company almost 70% of the time. Having a great MSP on your side, such as Delval Technology Solutions, gives you access to technicians, a help desk, and a

security team all wrapped into one monthly payment. If you have a problem, be it an outage, employee confusion, or a catastrophe, your MSP is there to make sure

you are up and running again as quickly as possible.

Not having to worry about employing an entire in-house IT team also allows you to reallocate funds to other departments, as opposed to allocating new funds to these departments. This can open many doors for your business. That extra available revenue can be used to market your company, invest in new products or services, hire new employees, or incentivize your current team. Whatever you do with those funds is up to you, but partnering with an MSP can help you turn your savings into profit, not only helping your bottom line, but growing it as well.

Many companies look at cyber-security as insurance, but it can be so much more than that. Attacks and breaches can cost companies thousands if not millions in losses and regulatory fees, on top of the downtime it can cause. A security minded MSP partner, such as Delval Technology Solutions, can not only help you recover from these pitfalls, but also avoid catastrophe before it happens. They can aid in training your staff, monitoring your network, testing for holes that intruders can get into, and protecting your endpoints. On top of this they can help you ensure that you are compliant, which can be confusing as new regulations or changes to existing regulations seem to change on a near daily basis. Staying ahead of cyber-criminals and regulatory issues can be the difference between smooth sailing and lost revenue and market trust.

While partnering with an MSP may seem like a bill to pay, it is in fact a way to save money. You can cut down on existing overhead, be it personnel or technology. It allows you piece of mind that you will be able to enjoy reduced downtime and increased productivity, making for a healthier company ecosystem. The headaches and anxiety of cyber-security and compliance can be replaced with piece of mind knowing your business is protected, allowing you to focus on your bottom line.